This article explains how to share the internet connection from one machine to other(s).

This article explains how to share the internet connection from one machine to other(s).

−

==Requirements==

+

== Requirements ==

−

* The machine acting as server should have an additional network device

+

−

* That network device should be connected to the machines that are going to receive internet access. They can be one or more machines. To be able to share internet to several machines a [[Wikipedia:Network switch|switch]] is required. If you are sharing to only one machine, a [[Wikipedia:Ethernet crossover cable|crossover cable]] is sufficient

+

* The machine acting as server should have an additional network device.

+

* That network device should be connected to the machines that are going to receive internet access. They can be one or more machines. To be able to share internet to several machines a [[Wikipedia:Network switch|switch]] is required. If you are sharing to only one machine, a [[Wikipedia:Ethernet crossover cable|crossover cable]] is sufficient.

+

{{Note|If one of the two computers has a gigabit ethernet card, a crossover cable is not necessary and a regular ethernet cable should be enough}}

{{Note|If one of the two computers has a gigabit ethernet card, a crossover cable is not necessary and a regular ethernet cable should be enough}}

−

==Configuration==

+

== Configuration ==

−

Using [[Udev#Setting static device names]], name the network device connected to the other computer(s) as '''''net0''''' and the network device connected to the internet as '''''internet0'''''.

+

−

===Static IP address===

+

This section assumes, that the network device connected to the other computer(s) is named '''''net0''''' and the network device connected to the internet as '''''internet0'''''.

+

+

{{Tip|You can rename your devices to this scheme using [[Udev#Setting static device names]].}}

+

+

=== Static IP address ===

+

Assign an static IPv4 address to the interface connected to the other machines. The first 3 bytes of this address cannot be exactly the same as those of another interface.

Assign an static IPv4 address to the interface connected to the other machines. The first 3 bytes of this address cannot be exactly the same as those of another interface.

−

{{bc|

+

# ip link set up dev net0

−

# ip link set up dev net0

+

# ip addr add 139.96.30.100/24 dev net0 # arbitrary address

−

# ip addr add 139.96.30.100/24 dev net0 # arbitrary address

+

−

}}

+

To have your static ip assigned at boot, you can use [[netctl]].

To have your static ip assigned at boot, you can use [[netctl]].

−

===Enable packet forwarding===

+

=== Enable packet forwarding ===

+

Enter this command to temporaly enable packet forwarding:

Enter this command to temporaly enable packet forwarding:

−

{{bc|<nowiki>sysctl net.ipv4.ip_forward=1</nowiki>}}

+

# sysctl net.ipv4.ip_forward=1

−

Edit {{ic|/etc/sysctl.conf}} and add this line, which will make the previous change persistent after a reboot.

+

−

{{bc|<nowiki>net.ipv4.ip_forward=1</nowiki>}}

+

Edit {{ic|/etc/sysctl.conf}} to make the previous change persistent after a reboot.

−

If you are using ipv6, use these lines:

+

{{hc|/etc/sysctl.conf|<nowiki>

−

{{bc|<nowiki>

+

net.ipv4.ip_forward=1

+

</nowiki>}}

+

+

If you are using ipv6, use this:

+

{{hc|/etc/sysctl.conf|<nowiki>

net.ipv6.conf.default.forwarding=1

net.ipv6.conf.default.forwarding=1

net.ipv6.conf.all.forwarding=1

net.ipv6.conf.all.forwarding=1

</nowiki>}}

</nowiki>}}

−

===Enable NAT===

−

[[pacman|Install]] the package {{Pkg|iptables}} from the [[Official Repositories|official repositories]].

−

Use iptables to enable NAT:{{bc|<nowiki>

−

# iptables -t nat -A POSTROUTING -o internet0 -j MASQUERADE

−

# iptables-save > /etc/iptables/iptables.rules

−

# systemctl start iptables

−

</nowiki>}}{{Note| Of course, this also works with a mobile broadband connection (usually called ppp0 on PC1)}}

−

You can set {{ic|iptables.service}} to [[Daemon|auto start at boot]].

−

Read the [[iptables]] article for more information.

+

=== Enable NAT ===

+

+

[[pacman|Install]] the package {{Pkg|iptables}} from the [[Official Repositories|official repositories]]. Use iptables to enable NAT:

+

+

# iptables -t nat -A POSTROUTING -o internet0 -j MASQUERADE

+

# iptables-save > /etc/iptables/iptables.rules

+

# systemctl start iptables

+

+

{{Note|Of course, this also works with a mobile broadband connection (usually called ppp0 on PC1).}}

+

+

{{Tip|You can set {{ic|iptables.service}} to [[Daemon|auto start at boot]].}}

+

+

Read the [[iptables]] article for more information. There's also an excellent guide on iptables [[Simple stateful firewall]].

+

+

=== Assigning ip addresses to the client pc(s) ===

−

===Assigning ip addresses to the client pc(s)===

If you are planning to regularly have several machines using the internet shared by this machine, then is a good idea to install a [[Wikipedia:dhcp|dhcp server]].

If you are planning to regularly have several machines using the internet shared by this machine, then is a good idea to install a [[Wikipedia:dhcp|dhcp server]].

Line 49:

Line 65:

If you are not planing to use this setup regularly, you can manually add an ip to each client instead.

If you are not planing to use this setup regularly, you can manually add an ip to each client instead.

−

====Manually adding an ip====

+

+

==== Manually adding an ip ====

Instead of using dhcp, on each client pc, add an ip address and the default route:

Instead of using dhcp, on each client pc, add an ip address and the default route:

−

{{bc|<nowiki>

+

# ip addr add 139.96.30.120/24 dev eth0

−

ip addr add 139.96.30.120/24 dev eth0

+

# ip link set up dev eth0

−

ip link set up dev eth0

+

# ip route add default via 139.96.30.100 dev eth0

−

ip route add default via 139.96.30.100 dev eth0

+

−

</nowiki>}}

+

Add a nameserver:

Add a nameserver:

−

{{bc|<nowiki>

+

# echo "nameserver <nameserver ip>" >> /etc/resolv.conf

−

echo "nameserver <nameserver ip>" >> /etc/resolv.conf

+

−

</nowiki>}}

+

You can figure out the address of the nameserver by looking into the {{ic|/etc/resolv.conf}} of the server, if its Internet connection is already established.

You can figure out the address of the nameserver by looking into the {{ic|/etc/resolv.conf}} of the server, if its Internet connection is already established.

Line 76:

Line 90:

** [2620:0:ccd::2]

** [2620:0:ccd::2]

−

Bracket notation must be used for IPv6 addresses in resolv.conf.

+

{{Note|Bracket notation must be used for IPv6 addresses in resolv.conf.}}

That's it. The client PC should now have Internet.

That's it. The client PC should now have Internet.

Line 84:

Line 98:

If you are able to connect the two PCs but cannot send data (for example, if the client PC makes a DHCP request to the server PC, the server PC receives the request and offers an IP to the client, but the client does not accept it, timing out instead), check that you don't have other [[Iptables]] rules [https://bbs.archlinux.org/viewtopic.php?pid=1093208 interfering].

If you are able to connect the two PCs but cannot send data (for example, if the client PC makes a DHCP request to the server PC, the server PC receives the request and offers an IP to the client, but the client does not accept it, timing out instead), check that you don't have other [[Iptables]] rules [https://bbs.archlinux.org/viewtopic.php?pid=1093208 interfering].

−

==See also==

+

== See also ==

−

*[[Sharing ppp connection with wlan interface]]

+

−

*[[Simple stateful firewall]]

+

* [[Sharing ppp connection with wlan interface]]

−

*[[Router]]

+

* [[Simple stateful firewall]]

−

*[[USB 3G Modem]]

+

* [[Router]]

+

* [[USB 3G Modem]]

Revision as of 08:59, 18 July 2013

This article explains how to share the internet connection from one machine to other(s).

Contents

Requirements

The machine acting as server should have an additional network device.

That network device should be connected to the machines that are going to receive internet access. They can be one or more machines. To be able to share internet to several machines a switch is required. If you are sharing to only one machine, a crossover cable is sufficient.

Note: If one of the two computers has a gigabit ethernet card, a crossover cable is not necessary and a regular ethernet cable should be enough

Configuration

This section assumes, that the network device connected to the other computer(s) is named net0 and the network device connected to the internet as internet0.

Note: Bracket notation must be used for IPv6 addresses in resolv.conf.

That's it. The client PC should now have Internet.

Troubleshooting

If you are able to connect the two PCs but cannot send data (for example, if the client PC makes a DHCP request to the server PC, the server PC receives the request and offers an IP to the client, but the client does not accept it, timing out instead), check that you don't have other Iptables rules interfering.